From 33cdc0ad360e4ea58c7ec15d2fb1c2bce431f965 Mon Sep 17 00:00:00 2001 From: lianan-352889950 <35288995@qq.com> Date: Thu, 9 Nov 2023 13:18:06 +0800 Subject: [PATCH 1/8] Modify the inaccuracies in the TLS description --- tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md b/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md index 3fb2ab6ecc232..79713dc041004 100644 --- a/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md +++ b/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md @@ -28,16 +28,17 @@ In the [TiDB Cloud console](https://tidbcloud.com/), you can get examples of dif 3. On the **Standard Connection** tab of this dialog, follow the three steps to set up the TLS connection. - Step 1:Create traffic filter - - Step 2:Download TiDB cluster CA + - Step 2:Download CA Cert - Step 3:Connect with an SQL client 4. Under **Step 1: Create traffic filter** in the dialog, configure the IP addresses that are allowed to access your cluster. For more information, see [Configure an IP access list in standard connection](/tidb-cloud/configure-ip-access-list.md#configure-an-ip-access-list-in-standard-connection). -5. Under **Step 2: Download TiDB cluster CA**, click **Download TiDB cluster CA** to download it locally for client TLS configuration. The TiDB cluster CA ensures that the TLS connection is secure and reliable. +5. Under **Step 2: Download CA Cert**, click **Download CA Cert** to download it locally for client TLS configuration. The CA Cert ensures that the TLS connection is secure and reliable. > **Note:** > - > After downloading your TiDB Dedicated cluster CA, you can store it in the default storage path of your operating system, or specify another storage path. You need to replace the CA path in the code example with your own cluster CA path in the subsequent steps. + > After downloading your CA Cert, you can store it in the default storage path of your operating system, or specify another storage path. You need to replace the CA Cert path in the code example with your own CA Cert path in the subsequent steps. + > TiDB Dedicated does not force clients to use TLS connections, and user-defined configuration of the `require_secure_transport` variable is not supported on [TiDB Dedicated](https://docs.pingcap.com/tidbcloud/system-variables#require_secure_transport-new-in-v610) currently. 6. Under **Step 3: Connect with an SQL client** in the dialog, click the tab of your preferred connection method, and then refer to the connection string and sample code on the tab to connect to your cluster. @@ -298,4 +299,4 @@ For security reasons, TiDB Dedicated only supports TLS 1.2 and TLS 1.3, and does No. -TiDB Dedicated only supports one-way TLS authentication, and does not support two-way TLS authentication currently. If you need two-way TLS authentication, contact [TiDB Cloud Support](/tidb-cloud/tidb-cloud-support.md). +TiDB Dedicated only supports one-way TLS authentication, and does not support two-way TLS authentication currently. Please do not make custom configurations of `ssl_cert` and `ssl_key` parameters on TiDB Dedicated. If you need two-way TLS authentication, contact [TiDB Cloud Support](/tidb-cloud/tidb-cloud-support.md). From 50ec45984ddbf93e1dafd84bf56ba1205431831a Mon Sep 17 00:00:00 2001 From: Grace Cai Date: Thu, 9 Nov 2023 15:34:14 +0800 Subject: [PATCH 2/8] Apply suggestions from code review --- tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md b/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md index 79713dc041004..949280c31b898 100644 --- a/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md +++ b/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md @@ -37,8 +37,8 @@ In the [TiDB Cloud console](https://tidbcloud.com/), you can get examples of dif > **Note:** > - > After downloading your CA Cert, you can store it in the default storage path of your operating system, or specify another storage path. You need to replace the CA Cert path in the code example with your own CA Cert path in the subsequent steps. - > TiDB Dedicated does not force clients to use TLS connections, and user-defined configuration of the `require_secure_transport` variable is not supported on [TiDB Dedicated](https://docs.pingcap.com/tidbcloud/system-variables#require_secure_transport-new-in-v610) currently. + > - After downloading your CA Cert, you can store it in the default storage path of your operating system, or specify another storage path. You need to replace the CA Cert path in the code example with your own CA Cert path in the subsequent steps. + > - TiDB Dedicated does not force clients to use TLS connections, and user-defined configuration of the [`require_secure_transport`](/system-variables.md#require_secure_transport-new-in-v610) variable is currently not supported on [TiDB Dedicated](https://docs.pingcap.com/tidbcloud/system-variables#require_secure_transport-new-in-v610). 6. Under **Step 3: Connect with an SQL client** in the dialog, click the tab of your preferred connection method, and then refer to the connection string and sample code on the tab to connect to your cluster. @@ -299,4 +299,4 @@ For security reasons, TiDB Dedicated only supports TLS 1.2 and TLS 1.3, and does No. -TiDB Dedicated only supports one-way TLS authentication, and does not support two-way TLS authentication currently. Please do not make custom configurations of `ssl_cert` and `ssl_key` parameters on TiDB Dedicated. If you need two-way TLS authentication, contact [TiDB Cloud Support](/tidb-cloud/tidb-cloud-support.md). +TiDB Dedicated only supports one-way TLS authentication, and does not support two-way TLS authentication currently. If you need two-way TLS authentication, contact [TiDB Cloud Support](/tidb-cloud/tidb-cloud-support.md). From 5492c8876e550708fabd0e12082706810ddfce22 Mon Sep 17 00:00:00 2001 From: lianan-352889950 <35288995@qq.com> Date: Mon, 13 Nov 2023 10:53:36 +0800 Subject: [PATCH 3/8] CA cert description modification --- tidb-cloud/connect-via-standard-connection.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tidb-cloud/connect-via-standard-connection.md b/tidb-cloud/connect-via-standard-connection.md index 922b94825cffc..7e20026b0ef26 100644 --- a/tidb-cloud/connect-via-standard-connection.md +++ b/tidb-cloud/connect-via-standard-connection.md @@ -38,11 +38,11 @@ To connect to a TiDB Dedicated cluster via standard connection, take the followi 3. Click **Create Filter** to confirm the changes. -4. Under **Step 2: Download TiDB cluster CA** in the dialog, click **Download TiDB cluster CA** for TLS connection to TiDB clusters. The TiDB cluster CA supports TLS 1.2 version by default. +4. Under **Step 2: Download CA Cert** in the dialog, click **Download CA Cert** for TLS connection to TiDB clusters. The CA Cert supports TLS 1.2 version by default. > **Note:** > - > - The TiDB cluster CA is only available for TiDB Dedicated clusters. + > - The CA Cert is only available for TiDB Dedicated clusters. > - Currently, TiDB Cloud only provides the connection strings and sample code for these connection methods: MySQL, MyCLI, JDBC, Python, Go, and Node.js. 5. Under **Step 3: Connect with a SQL client** in the dialog, click the tab of your preferred connection method, and then refer to the connection string and sample code on the tab to connect to your cluster. From 6dff304383b14dfc3887934c24e73256c6fde21f Mon Sep 17 00:00:00 2001 From: Grace Cai Date: Tue, 14 Nov 2023 09:57:30 +0800 Subject: [PATCH 4/8] Update tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md --- tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md b/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md index 949280c31b898..37769196adf74 100644 --- a/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md +++ b/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md @@ -38,7 +38,7 @@ In the [TiDB Cloud console](https://tidbcloud.com/), you can get examples of dif > **Note:** > > - After downloading your CA Cert, you can store it in the default storage path of your operating system, or specify another storage path. You need to replace the CA Cert path in the code example with your own CA Cert path in the subsequent steps. - > - TiDB Dedicated does not force clients to use TLS connections, and user-defined configuration of the [`require_secure_transport`](/system-variables.md#require_secure_transport-new-in-v610) variable is currently not supported on [TiDB Dedicated](https://docs.pingcap.com/tidbcloud/system-variables#require_secure_transport-new-in-v610). + > - TiDB Dedicated does not force clients to use TLS connections, and user-defined configuration of the [`require_secure_transport`](/system-variables.md#require_secure_transport-new-in-v610) variable is currently not supported on TiDB Dedicated. 6. Under **Step 3: Connect with an SQL client** in the dialog, click the tab of your preferred connection method, and then refer to the connection string and sample code on the tab to connect to your cluster. From 8f64079ff047139a34dfa1fdbd48e8a6943a2689 Mon Sep 17 00:00:00 2001 From: qiancai Date: Tue, 14 Nov 2023 10:22:16 +0800 Subject: [PATCH 5/8] Update migrate-from-mysql-using-aws-dms.md --- tidb-cloud/migrate-from-mysql-using-aws-dms.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tidb-cloud/migrate-from-mysql-using-aws-dms.md b/tidb-cloud/migrate-from-mysql-using-aws-dms.md index 70e14bce6bf53..6b3fb963ff7cc 100644 --- a/tidb-cloud/migrate-from-mysql-using-aws-dms.md +++ b/tidb-cloud/migrate-from-mysql-using-aws-dms.md @@ -100,7 +100,7 @@ AWS DMS does not support replicating `DROP TABLE`. 3. Under **Step 1: Create traffic filter** in the dialog, click **Edit**, enter the public and private network IP addresses that you copied from the AWS DMS console, and then click **Update Filter**. It is recommended to add the public IP address and private IP address of the AWS DMS replication instance to the TiDB cluster traffic filter at the same time. Otherwise, AWS DMS might not be able to connect to the TiDB cluster in some scenarios. -4. Click **Download TiDB cluster CA** to download the CA certificate. Under **Step 3: Connect with a SQL client** in the dialog, take a note of the `-u`, `-h`, and `-P` information in the connection string for later use. +4. Click **Download CA Cert** to download the CA certificate. Under **Step 3: Connect with a SQL client** in the dialog, take a note of the `-u`, `-h`, and `-P` information in the connection string for later use. 5. Click the **VPC Peering** tab in the dialog, and then click **Add** under **Step 1: Set up VPC** to create a VPC Peering connection for the TiDB cluster and AWS DMS. From d4de0525759a2a5542dec83850bfa793164f9988 Mon Sep 17 00:00:00 2001 From: Grace Cai Date: Tue, 14 Nov 2023 10:22:39 +0800 Subject: [PATCH 6/8] Update tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md Co-authored-by: xixirangrang --- tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md b/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md index 37769196adf74..e1fe363fc6375 100644 --- a/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md +++ b/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md @@ -37,7 +37,7 @@ In the [TiDB Cloud console](https://tidbcloud.com/), you can get examples of dif > **Note:** > - > - After downloading your CA Cert, you can store it in the default storage path of your operating system, or specify another storage path. You need to replace the CA Cert path in the code example with your own CA Cert path in the subsequent steps. + > - You can store the downloaded CA Cert in the default storage path of your operating system, or specify another storage path. You need to replace the CA Cert path in the code example with your own CA Cert path in the subsequent steps. > - TiDB Dedicated does not force clients to use TLS connections, and user-defined configuration of the [`require_secure_transport`](/system-variables.md#require_secure_transport-new-in-v610) variable is currently not supported on TiDB Dedicated. 6. Under **Step 3: Connect with an SQL client** in the dialog, click the tab of your preferred connection method, and then refer to the connection string and sample code on the tab to connect to your cluster. From 9e7d7a6dc5103c29fbd3f8155bc1697bc1814318 Mon Sep 17 00:00:00 2001 From: Grace Cai Date: Tue, 14 Nov 2023 18:14:50 +0800 Subject: [PATCH 7/8] Apply suggestions from code review --- tidb-cloud/connect-via-standard-connection.md | 4 ++-- tidb-cloud/migrate-from-mysql-using-aws-dms.md | 2 +- tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tidb-cloud/connect-via-standard-connection.md b/tidb-cloud/connect-via-standard-connection.md index 7e20026b0ef26..dfe68f465736f 100644 --- a/tidb-cloud/connect-via-standard-connection.md +++ b/tidb-cloud/connect-via-standard-connection.md @@ -38,11 +38,11 @@ To connect to a TiDB Dedicated cluster via standard connection, take the followi 3. Click **Create Filter** to confirm the changes. -4. Under **Step 2: Download CA Cert** in the dialog, click **Download CA Cert** for TLS connection to TiDB clusters. The CA Cert supports TLS 1.2 version by default. +4. Under **Step 2: Download CA cert** in the dialog, click **Download CA cert** for TLS connection to TiDB clusters. The CA cert supports TLS 1.2 version by default. > **Note:** > - > - The CA Cert is only available for TiDB Dedicated clusters. + > - The CA cert is only available for TiDB Dedicated clusters. > - Currently, TiDB Cloud only provides the connection strings and sample code for these connection methods: MySQL, MyCLI, JDBC, Python, Go, and Node.js. 5. Under **Step 3: Connect with a SQL client** in the dialog, click the tab of your preferred connection method, and then refer to the connection string and sample code on the tab to connect to your cluster. diff --git a/tidb-cloud/migrate-from-mysql-using-aws-dms.md b/tidb-cloud/migrate-from-mysql-using-aws-dms.md index 6b3fb963ff7cc..65256413299d6 100644 --- a/tidb-cloud/migrate-from-mysql-using-aws-dms.md +++ b/tidb-cloud/migrate-from-mysql-using-aws-dms.md @@ -100,7 +100,7 @@ AWS DMS does not support replicating `DROP TABLE`. 3. Under **Step 1: Create traffic filter** in the dialog, click **Edit**, enter the public and private network IP addresses that you copied from the AWS DMS console, and then click **Update Filter**. It is recommended to add the public IP address and private IP address of the AWS DMS replication instance to the TiDB cluster traffic filter at the same time. Otherwise, AWS DMS might not be able to connect to the TiDB cluster in some scenarios. -4. Click **Download CA Cert** to download the CA certificate. Under **Step 3: Connect with a SQL client** in the dialog, take a note of the `-u`, `-h`, and `-P` information in the connection string for later use. +4. Click **Download CA cert** to download the CA certificate. Under **Step 3: Connect with a SQL client** in the dialog, take a note of the `-u`, `-h`, and `-P` information in the connection string for later use. 5. Click the **VPC Peering** tab in the dialog, and then click **Add** under **Step 1: Set up VPC** to create a VPC Peering connection for the TiDB cluster and AWS DMS. diff --git a/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md b/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md index e1fe363fc6375..f9c24c23cd3ca 100644 --- a/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md +++ b/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md @@ -33,11 +33,11 @@ In the [TiDB Cloud console](https://tidbcloud.com/), you can get examples of dif 4. Under **Step 1: Create traffic filter** in the dialog, configure the IP addresses that are allowed to access your cluster. For more information, see [Configure an IP access list in standard connection](/tidb-cloud/configure-ip-access-list.md#configure-an-ip-access-list-in-standard-connection). -5. Under **Step 2: Download CA Cert**, click **Download CA Cert** to download it locally for client TLS configuration. The CA Cert ensures that the TLS connection is secure and reliable. +5. Under **Step 2: Download CA cert**, click **Download CA cert** to download it locally for client TLS configuration. The CA cert ensures that the TLS connection is secure and reliable. > **Note:** > - > - You can store the downloaded CA Cert in the default storage path of your operating system, or specify another storage path. You need to replace the CA Cert path in the code example with your own CA Cert path in the subsequent steps. + > - You can store the downloaded CA cert in the default storage path of your operating system, or specify another storage path. You need to replace the CA cert path in the code example with your own CA cert path in the subsequent steps. > - TiDB Dedicated does not force clients to use TLS connections, and user-defined configuration of the [`require_secure_transport`](/system-variables.md#require_secure_transport-new-in-v610) variable is currently not supported on TiDB Dedicated. 6. Under **Step 3: Connect with an SQL client** in the dialog, click the tab of your preferred connection method, and then refer to the connection string and sample code on the tab to connect to your cluster. From ca40bc5351ad615f00904f9b7472dc3ba5eeee23 Mon Sep 17 00:00:00 2001 From: Grace Cai Date: Tue, 14 Nov 2023 18:15:04 +0800 Subject: [PATCH 8/8] Update tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md --- tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md b/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md index f9c24c23cd3ca..2a7a9f8125ca0 100644 --- a/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md +++ b/tidb-cloud/tidb-cloud-tls-connect-to-dedicated.md @@ -28,7 +28,7 @@ In the [TiDB Cloud console](https://tidbcloud.com/), you can get examples of dif 3. On the **Standard Connection** tab of this dialog, follow the three steps to set up the TLS connection. - Step 1:Create traffic filter - - Step 2:Download CA Cert + - Step 2:Download CA cert - Step 3:Connect with an SQL client 4. Under **Step 1: Create traffic filter** in the dialog, configure the IP addresses that are allowed to access your cluster. For more information, see [Configure an IP access list in standard connection](/tidb-cloud/configure-ip-access-list.md#configure-an-ip-access-list-in-standard-connection).